package controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

import domain.Admin;
import service.AdminService;

@Controller
public class PasswordController {
	@Autowired
	private AdminService service;

	@RequestMapping("/password")
	public String goPassword(HttpServletRequest req) { //跳转到改密码的界面
		return "admin/password";
	}

	@RequestMapping("/changePassword")
	public void changePassword(HttpServletRequest req, HttpServletResponse resp, String old, String new1, String new2,
			Long id) throws Exception {
		//从session中拿admin的密码  强转 能进入到这里session中也一定有值
		Admin admin = (Admin) req.getSession().getAttribute("ADMIN_IN_SESSION");
		if (admin.getPassword().equals(old) && new1.equals(new2)) {
			Integer state = service.changePassword(id, new1);
			if (state > 0) {
				req.setAttribute("isSuccess", "修改成功");
				resp.sendRedirect("/admin");
			} else {
				req.setAttribute("isSuccess", "修改失败");
			}
		} else {
			req.setAttribute("isSuccess", "修改失败");
			req.getRequestDispatcher("/password").forward(req, resp);
		}
	}

}
